Tag Archives: Government Communications Headquarters

The UK’s MI5 has decided to beef up its team with more experts on Russia amid the ongoing political crisis in Ukraine. It is now hiring Russian intelligence analysts to monitor intercepted phone calls and e-mails.

Aside from fluent Russian, British citizenship or residency is also a must.

MI5’s recruitment comes amid growing tensions between the West and Russia over the political crisis in Ukraine, a former republic of the Soviet Union. While the two sides agree on the necessity of de-escalation of the situation in Ukraine, there is still no agreement on approaches.

While the West is accusing Moscow of attempts to undermine the country’s sovereignty, Russia is blaming the US and its European allies for fueling the Maidan protests and supporting the coup-appointed Kiev government.

The files — published first by The Intercept this week and dissected over the course of a 3,000-word article attributed to journalists Glenn Greenwald and Ryan Gallagher — bring to light a number of previously unreported programs undertaken by the secretive US spy agency, including operations that have given the NSA the potential to infect millions of computers around the world by relying on malicious software that’s sent to targets through surreptitious means.

In recent years, however, the NSA has reportedly made adjustments to these operations that enable them to be carried out automatically without the direct aid of human spies — a decision that experts say is undermining the internet as it is known today.

“Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process,” the journalists wrote.

That automated system named “TURBINE,” they said later, is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.”

NSA presentation from theintercept.com

According to The Intercept, the NSA has escalated offensive cyber operations significantly since 2004 in order to spy on targets, and has used an array of tactics and “implants” that were previously undisclosed in order to carry out these missions.

The website reported that the agency’s British counterpart, the GCHQ, “appears to have played an integral role” with regards to developing these implants, which have grown in number exponentially in recent years from only 100 or so to tens of thousands, according to the report.

These implants, the journalists wrote, allow the NSA “to break into targeted computers and to siphon out data from foreign Internet and phone networks.” They can also be combined with a number of specialized plugins to provide analysts with additional surveillance options, the likes of which could leave many readers of the Greenwald and Gallagher report thinking that staying secure on the Web is impossible.


In one example cited by The Intercept, the NSA disguised itself as a fake Facebook server in order to intercept connections attempted between account holders and the social networking site’s real computers. Instead, however, the NSA sends those unsuspecting Facebook users to a real site embedded with malware that then has the ability to infect that target’s computer.

That program — QUANTUMHAND — became operational in October 2010, The Intercept reported, after it successfully allowed the NSA to gain access to “about a dozen targets.”

A spokesperson for Facebook told The Intercept he had “no evidence of this alleged activity,” but QUANTUMHAND is far from the only program that, thanks to Edward Snowden, has linked the NSA to relying on already established websites and programs to pry into the communications of targets.

In another example, The Intercept included images from an internal NSA slideshow presentation that indicates surveillance missions can be waged by the agency against targeted email addresses, IP addresses and the “cookies” created by websites like Google, Yahoo, YouTube and countless others to track visitors, often for advertisement and user experience purposes.


Ashkan Soltani, a DC-based independent security researcher, remarked on Twitter that the information in that presentation “looks a lot like a catalog of ad tracking tech.” Instead of being used by the likes of Google to give YouTube users a more “personalized” browsing experience, however, the NSA and GCHQ can use these selectors to spy on the habits of unknowing subjects of investigation.

Other programs disclosed by Mr. Snowden and described by The Intercept include CAPTIVATEDAUDIENCE (“used to take over a targeted computer’s microphone and record conversations”), GUMFISH (“can covertly take over a computer’s webcam and snap photographs”), FOGGYBOTTOM (“records logs of Internet browsing histories and collects login details and passwords”), GROK (“used to log keystrokes”) and SALVAGERABBIT, which exfiltrates data from removable flash drives connected to a target’s computer.

To infect computers with these implants, The Intercept said, the NSA can avoid trying to trick targets into going to fake websites by instead spamming them with unsolicited email containing links to malware.

“If we can get the target to visit us in some sort of web browser, we can probably own them,” an NSA employee wrote in one of the previously secret documents. “The only limitation is the ‘how.’”


The Intercept’s latest report was published only two days after Snowden spoke remotely to the audience of the SXSW Interactive tech conference in Austin, Texas and urged attendees to use encryption — a tactic, he said, that is still relatively successful with regards to thwarting snooping like the kind carried out by the NSA.

Encryption, Snowden said on Monday, makes it “very difficult for any sort of mass surveillance” to occur.

If The Intercept’s report is anywhere close to representative of the NSA’s actual capabilities though, then the agency’s operations are expanding regardless and relying on new tricks and techniques to track down and monitor persons of interest in the name of national security.

“When they deploy malware on systems,” malware expert Mikko Hypponen told The Intercept, “they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties.”

The Wikileaks founder made a Skype appearance at the interactive technology festival, which is taking place in the city of Austin.

“The ability to surveil everyone on the planet is almost there, and arguably will be there in a few years,” said Assange. “And that’s led to a huge transfer of power from the people who are surveilled upon to those who control the surveillance complex. It’s an interesting postmodern version of power.”

Assange also posed the question, “How is it that the internet that everyone looked upon as perhaps the greatest tool of human creation that had ever been has, in fact, been co-opted and [is] now involved in the most aggressive form of state surveillance the world has ever seen?”

He added that the world is “moving into a new totalitarian world — not in the sense of Stalin or Pol Pot, but totalitarian in the sense that the surveillance is total.”

#Assange: Totalitarian dystopia in the sense that the surveillance is total, so that no one can exist outside the state….

Prior to the Edward Snowden leaks, the NSA’s public relations campaign was non-existent, Assange told the large audience while speaking from the Ecuadorian embassy in London. In fact, reporters used to joke that NSA stood for “no such agency.”

Snowden, a former contractor for the agency, last year exposed mass global surveillance programs led by the NSA and Government Communications Headquarters (GCHQ), its British counterpart. The leaks exposed the agencies’ practices of tapping the internet networks, emails, and phone calls of millions of ordinary citizens and political leaders.

Assange criticized the current power balance as “totalitarian dystopia,” by which he meant that “surveillance is total, so that no one exists outside the state.”

Whereas only four years ago the internet was largely an apolitical space, it has now – through movements such as the Arab Spring and the Occupy movement – become a tool to motivate and organize political change. This means that those in power will seek to control and surveil such a tool, the Australian activist said.

‘Courage is seeing fear’

To showcase the claim, Assange pointed at Snowden and various other whistleblowers, including those from Wikileaks.

British journalist and legal researcher Sarah Harrison, US filmmaker Laura Poitras, and US computer security researcher Jacob Appelbaum are now all living in effective exile in Berlin, while Glenn Greenwald – who used to be a freelance writer for the Guardian and wrote many of the reports from Edward Snowden on the NSA – is in Brazil. Edward Snowden himself was forced to seek asylum in Russia.

#Assange: Harrison (UK), Poitras (US), Appelbaum (US) are now all in effective exile in Berlin. NatSec reporters are a new type of refugee.

— WikiLeaks (@wikileaks) March 8, 2014

Partly as a result of the NSA leaks scandal, Brazil has become a powerful advocate of trying to limit mass global surveillance. In April, the country will try to introduce changes to the Internet Corporation for Assigned Names and Numbers (ICANN) regulations. ICANN is responsible for the coordination of the global internet’s systems.

But Assange warned that it will be very difficult to turn back the tide of mass global surveillance, as the surveillance agencies hold all the cards and all the power. Specifically, it would be practically impossible for anyone within the government to meaningfully reduce the powers of the surveillance agencies.

“We know what happens when a government gets serious: someone gets fired, prosecuted, etc. These have not happened to the NSA,” he said.

#Assange: You’ve got no choice. You can no longer hide from the state or keep your head down. Arbitrary justice is arbitrary. #sxsw

— WikiLeaks (@wikileaks) March 8, 2014

He gave as an example the case of General David Petraeus, former head of the CIA, who was squeezed out over an extramarital affair scandal in 2012 – although the official version of events is that he resigned after an extramarital affair was discovered by the FBI, Assange said.

“There has been a military occupation of internet space – a very serious phenomenon,” Assange told the attendees.

Before Wikileaks exposures, “we weren’t actually living in the world, we were living in some fictitious representation of the world,” Assange noted. The surveillance of the internet is “the penetration of our civilian society. It means that there has been a militarization of our civilian space. A military occupation of the Internet, our civilian space, is a very serious one.”

“Only a fool has no fear. Courage is seeing fear,” he said.

When asked if he would have done anything differently over the past few years, Assange was adamant that he would not have stayed in the UK, adding that it has a distasteful class system, unlike his native Australia. He said he listened to bad advice from his lawyers, who have profited vastly from the publicity of representing him, while Assange himself has been stuck in the Ecuadorian Embassy for over a year and a half.

Assange said there will be more leaks to come, without specifying the timeframe. “Yes, there is important upcoming material,” he remarked. “I don’t like to give time frames because it tends to give the opponents of that material more time to prepare their spin lines.”

Assange says he has been at the embassy for over 650 days. I feel naive for thinking it would be resolved within weeks.

(CNN) — The town of Bude in the southwest of England is best known for its long sandy beaches and picturesque bays. Nowhere on its tourist brochures is a complex of white domes and dishes at Morwenstow mentioned.

After the latest revelations published by the Guardian, New York Times and Der Spiegel, Morwenstow may become a little more familiar.

The site — now officially known as GCHQ (Government Communications Headquarters) Bude — is at the heart of a global eavesdropping network run by the U.S. National Security Agency (NSA). It has more than 20 antennae orientated toward global communications satellites over the Atlantic and Indian Oceans, Africa and the Middle East, according to declassified sources.

Based on documents provided by former NSA contractor Edward Snowden, the three newspapers reported Friday that GCHQ Bude is a critical hub in eavesdropping on the communications of government figures, and many others, in Europe and beyond.

Among some 1,000 organizations and individuals whose e-mail or phone numbers appear in the documents: the European Commission, the government of Israel, African heads of state, the United Nations Children’s Fund (UNICEF) and the NGO Medecins du Monde.

None of the newspapers published any of the documents they were shown, and the volume of information collected on any particular individual or organization is unclear. The New York Times reported that, “The documents include a few fragmentary transcripts of conversations and messages.”

But one of the many hundreds of phone numbers listed in the documents from 2009 was that of a senior European official, Joaquin Almunia, who is Spanish. At the time — just as Europe’s financial crisis gathered pace — Almunia was the European Union’s economic and monetary affairs commissioner. According to Der Spiegel, he had a “personal identification code in the British target database, with the code name “Broadoak.”

Almunia has since become the competition commissioner, handling antitrust disputes, and has been in a long-running dispute with Google over search-engine practices.

In an apparent reference to the allegations about Almunia, the NSA said in a statement Friday: “We do not use our foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of — or give intelligence we collect to — U.S. companies to enhance their international competitiveness or increase their bottom line.”

‘This is not the type of behavior that we expect’

According to The New York Times, the French oil company Total and defense contractor Thales also are mentioned in the documents.

The NSA statement concluded: “The U.S. Government is undertaking a review of our activities around the world — looking at, among other issues, how we coordinate with our closest allies and partners.”

The European Commission reacted swiftly to the latest revelations.

A spokeswoman in Brussels said that if proven true, they “are unacceptable and deserve our strongest condemnation. This is not the type of behavior that we expect from strategic partners, let alone from our own Member States,” meaning the UK.

“The Commission will raise these new allegations with US and UK authorities,” she added.

Spanish media also pounced on revelations about Almunia’s communications.

The headline in El Pais translated as: “The US and UK spied on Commissioner Joaquín Almunia’s mobile,” while La Republica also focused on “los servicios secretos británicos” as the perpetrator.

The British government is likely to come under further scrutiny from its European partners over its intelligence gathering activities. UK criticism of the NSA program has been more muted than that of France, Germany or Spain, in part because of the long intelligence partnership between the two countries.

According to German Chancellor Angela Merkel, British Prime Minister David Cameron did not join in a vigorous debate at the EU summit in October on the NSA eavesdropping, rather expressing his “silent acquiescence” to a strongly-worded statement in which Britain was indirectly warned that “a lack of trust could prejudice the necessary cooperation in the field of intelligence gathering.”

By then, Der Spiegel had already reported that the documents leaked by Snowden showed that GCHQ had been involved in a cyberattack against Belgium’s state-run telecom company, Belgacom.

The company would only say at the time that “the intruder had massive resources, sophisticated means and a steadfast intent to break into our network.”

GCHQ shares much of the information it collects with the NSA.

More than eyes on the sky?

The Guardian reported earlier this year, again based on documents provided by Snowden, that the NSA had provided some $25 million to update the Bude facility. But it is also likely that the NSA has been, and still is, able to directly gather data harvested by GCHQ Bude.

Nicky Hager, an investigative reporter and author of several books on intelligence, told a committee of the European Parliament in 2001 that “communications were screened for keywords entered into the system by the USA using ‘dictionary managers’. The British therefore had no control over the screening process and had no idea what information was collected in Morwenstow, since it was forwarded directly to the USA.”

Der Spiegel reported Friday that GCHQ Bude may do more than gaze into the heavens.

“Important undersea cables land at nearby Widemouth Bay,” it reported. “One of the cables, called TAT-14, begins at German telecommunications company Deutsche Telekom’s undersea cable terminal.”

TAT-14 links terminals in Denmark, Germany, the Netherlands, the UK and the United States.

That may explain how so many German telephone numbers appear in one 2009 document provided to the newspapers by Snowden.

“Other documents indicate that the British, at least intermittently, kept tabs on entire country-to-country satellite communication links,” like those between Germany and Turkey, Der Spiegel reported.

Morwenstow has long been part of a global network of stations involved in intercepting satellite communications.

The 2001 European Parliament report concluded: “In Morwenstow….GCHQ, working in cooperation with the NSA and in strict accordance with the latter’s instructions, intercepts civilian communications and passes on the recordings to the USA as raw intelligence material.”

More details of people and institutions targeted by UK and US surveillance have been published by The Guardian, The New York Times and Der Spiegel.

The papers say that the list of around 1,000 targets includes a European Union commissioner, humanitarian organisations and an Israeli PM.

The secret documents were leaked by the former US security contractor, Edward Snowden, now a fugitive in Russia.

They suggest over 60 countries were targets of the NSA and Britain’s GCHQ.

The reports are likely to spark more international concern about the surveillance operations carried out by the US and the UK.

News that the National Security Agency had monitored the phone of German Chancellor Angela Merkel triggered a diplomatic row between Berlin and Washington in October.

The New York Times reports that GCHQ monitored the communications of foreign leaders – including African heads of state and sometimes their family members – and directors of United Nations and other relief programmes.

The paper reports that the emails of Israeli officials were monitored, including one listed as “Israeli prime minister”. The PM at the time, 2009, was Ehud Olmert.

“The UK spying on its fellow EU member states in order to get an economic advantage is simply unacceptable,” she said.

GCHQ did not comment directly on the claims but said it operates “under one of the strongest systems of checks and balances and democratic accountability for secret intelligence anywhere in the world”.

On Thursday a White House panel recommended significant curbs on the NSA’s sweeping electronic surveillance programmes.

Edward Snowden left the US in late May, taking a large cache of top secret documents with him.

He faces espionage charges over his actions and has been granted temporary asylum in Russia.

The papers claim that GCHQ’s outpost in Cornwall was used for the monitoring

An NSA document from 2008, titled “Exploiting Terrorist Use of Games & Virtual Environments,” was published Monday by The Guardian in partnership with The New York Times and ProPublica.

In the report, the agency warned of the risk of leaving games communities under-monitored and described them as a “target-rich communications network” where intelligence targets could “hide in plain sight.”

The document showed that the US and UK spy agencies were collecting large amounts of data in the Xbox Live console network, which has more than 48 million players.

Real-life agents have been deployed into the World of Warcraft multiplayer online role-playing game and the virtual world of Second Life, in which people interact with each other through avatars.

The NSA and GCHQ also tried to recruit potential informants among the gamers, the report said.

A visitor plays the computer game “World of Warcraft” at the world’s biggest high-tech fair, the CeBIT (AFP Photo / Nigel Treblin)

The NSA had so many agents inside the games that a special “de-confliction” group was set up to make sure they wouldn’t hamper each other’s operations.

If analyzed properly, the online games can become a major source of intelligence data, the unnamed author of the paper stressed.

They could be used to build pictures of the players’ social networks, obtain their photos and geographical locations, as well as gather their communications. The games were also a convenient window for hacking attacks, the report said.

However, the document provided no information about terrorist plots uncovered via online games surveillance, or any proof of terrorist organizations using them for communication.

The document only stated that: “Al-Qaeda terrorist target selectors… have been found associated with XboxLive, Second Life, World of Warcraft, and other GVEs [Games and Virtual Environments].”

Other NSA targets mentioned in the report include “Chinese hackers, an Iranian nuclear scientist, Hezbollah and Hamas members.”

The paper provides only one example in which spying in online games managed to produce a piece of usable intelligence data.

After the closure of a website that sold stolen credit card details, GCHQ managed to follow and establish contact with the swindlers as they moved their business to Second Life.

Screen grab shows a player entering the virtual campaign headquarters of French communist party “PCF”, located in the “Second Life” online game. (AFP Photo)

The World of Warcraft creators from Blizzard Entertainment said that they had not given permission to NSA or GCHQ to gather intelligence inside the game, and were “unaware of any surveillance taking place.”

Microsoft and Linden Lab, the company behind Second Life, declined to comment on the issue when approached by Guardian journalists.

According to the document, the NSA bosses took some persuading to launch the surveillance program in XboxLive, Second Life and World of Warcraft amid concerns that those behind the program only wanted to play games at their desks during working hours.

Concerns that the games could be used to “reinforce prejudices and cultural stereotypes” were also expressed in the Snowden-leaked document.

It mentioned the ‘Special Forces 2’ game, which was developed by the Lebanese Hezbollah movement, and was used as a “radicalizing medium” to recruit and train “suicide martyrs.”

But the document acknowledged that Hezbollah had only taken a leaf out of the book of the US Army, which produced a free-to-download game for its recruitment page.

The surveillance operations raise concerns about gamers’ privacy, as the ways used to access people’s data and how much communications data is harvested are unspecified, the Guardian said.

It was not clear how the NSA could avoid spying on innocent American citizens, whose nationality and identity were hidden behind their virtual avatars.

Snowden’s revelations of vast domestic and international surveillance and data collection by the US and the UK have been making headlines since June.

For nearly a decade, the NSA used a warrantless web surveillance system with a near-limitless ability to spy on anyone’s phone calls, e-mails, search history and more, obtaining information from major Internet giants like Google, Apple and Facebook.

The leaks about the American intelligence services spying on emails and tapping phones of world leaders have provoked scandals between Washington and a number of countries in Europe, Latin America and Asia.

Human rights organization Amnesty International has declared it will take legal action against British security services. Amnesty claims its calls have been intercepted by UK intelligence agencies.

“As a global organization working on many sensitive issues that would be of particular interest to security services in the US and UK, we are deeply troubled by the prospect that the communications of our staff may have been intercepted,” Michael Bochenek, Amnesty’s director of law and policy told the Guardian.

The group has issued a claim at the Investigatory Powers Tribunal (IPT) saying that the alleged actions by UK intelligence would be in breach of article 8 (right to privacy) and article 10 (right to freedom of expression) of the Human Rights Act.

“We regularly receive sensitive information from sources in situations that mean their co-operation with Amnesty could present a real risk to their safety and the safety of their family,” Bochenek said.

Amnesty has also demanded that the IPT hold public hearings of the process – contrary to the body’s usual practice of reviewing the complaints secretively and in an unregulated manner.

“It would be a ridiculous irony if the investigation into surveillance that has been carried out in secret was itself secret,” Bochenek said.

This is not the only case of an organization suing security services over unauthorized access to their data. Human rights groups Liberty, Privacy International and Big Brother Watch have taken the issue to court, and legal proceedings are underway.

This is the latest among cases taken to court in the wake of Edward Snowden’s disclosures.

Amnesty’s move follows revelations that British GCHQ (Government Communications Headquarters) and the NSA (National Security Agency) in the US have been using programs to access users’ and companies’ data on the Internet. The programs include PRISM and Tempora, and can take in huge amounts of information shared between the two countries.